UNITED STATES PATENT AND TRADEMARK OFFICE
`____________
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`____________
`
`GUEST-TEK INTERACTIVE ENTERTAINMENT LTD.,
`
`Petitioner,
`
`v.
`
`NOMADIX, INC.,
`
`Patent Owner.
`
`U.S. Patent No. 8,266,266 to Short et al.
`Issued: September 11, 2012
`Filed: January 11, 2010
`
`Title: SYSTEMS AND METHODS FOR PROVIDING DYNAMIC NETWORK
`AUTHORIZATION, AUTHENTICATION, AND ACCOUNTING
`
`____________
`
`
`IPR2018-00376
`____________
`
`
`
`
`PETITION FOR INTER PARTES REVIEW OF U.S. PATENT NO. 8,266,266
`
`
`FILED ELECTRONICALLY UNDER 37 C.F.R. § 42.6(b)(1)
`Mail Stop “PATENT BOARD”
`Patent Trial and Appeal Board
`U.S. Patent and Trademark Office
`P.O. Box 1450
`Alexandria, VA 22313-1450
`
`
`
`
`
`

`

`IPR2018-00376
`U.S. Patent No. 8,266,266
`
`TABLE OF CONTENTS
`
`
`TABLE OF AUTHORITIES ................................................................................... iv 
`LISTING OF EXHIBITS ........................................................................................... v 
`I. 
`INTRODUCTION ........................................................................................... 1 
`II.  MANDATORY NOTICES UNDER 37 C.F.R. § 42.8 ................................... 3 
`A. 
`Real Party-in-Interest [37 C.F.R. § 42.8(b)(1)] ..................................... 3 
`B. 
`Related Matters [37 C.F.R. § 42.8(b)(2)] .............................................. 3 
`C. 
`Lead and Backup Counsel; Service Information [37 C.F.R. §§
`42.8(b)(3)-(4)] ....................................................................................... 3 
`III.  REQUIREMENTS UNDER 37 C.F.R. §§ 42.103 and 42.104 ....................... 4 
`A. 
`Payment of Fees [37 C.F.R. § 42.103] .................................................. 4 
`B. 
`Grounds for Standing [37 C.F.R. § 42.104(a)] ..................................... 4 
`IV.  RELIEF REQUESTED [37 C.F.R. § 42.22(a)] .............................................. 5 
`V. 
`THE ’266 PATENT ......................................................................................... 5 
`VI.  CLAIM CONSTRUCTION .......................................................................... 12 
`VII.  PERSON OF ORDINARY SKILL IN THE ART ........................................ 14 
`VIII.  PRIOR ART ................................................................................................... 15 
`A. 
`Slemmer (U.S. Patent No. 6,226,677) ................................................. 15 
`B. 
`Vu (U.S. Patent No. 5,623,601) .......................................................... 19 
`IX.  CLAIMS 1-28 ARE OBVIOUS OVER SLEMMER IN VIEW OF VU ...... 20 
`A. 
`Slemmer Discloses All Non-Handshake Elements of the ’266 Patent’s
`Independent Claims, Including Their “Response Data” Limitations. . 21 
`Slemmer Discloses All Non-Handshake Elements of the ’266 Patent’s
`Dependent Claims. .............................................................................. 24 
`ii
`
`B. 
`
`

`

`C. 
`
`IPR2018-00376
`U.S. Patent No. 8,266,266
`A POSITA Would Have Been Motivated to Combine Slemmer with
`Vu. ....................................................................................................... 28 
`Claim Chart ......................................................................................... 29 
`D. 
`CONCLUSION .............................................................................................. 57 
`
`
`
`X. 
`
`
`
`
`
`
`iii
`
`

`

`IPR2018-00376
`U.S. Patent No. 8,266,266
`TABLE OF AUTHORITIES
`Hospitality Core Servs., LLC v. Nomadix, Inc., IPR2016-00077 .................... passim
`
`
`
`
`
`
`
`iv
`
`

`

`IPR2018-00376
`U.S. Patent No. 8,266,266
`
`LISTING OF EXHIBITS
`
`
`Exhibit No.
`1001
`1002
`1003
`1004
`1005
`1006
`1007
`1008
`1009
`1010
`
`1011
`
`1012
`
`Description
`U.S. Patent No. 8,266,266
`Board Decision, Instituting Inter Partes Review in Hospitality
`Core Servs., LLC v. Nomadix, Inc., IPR2016-00077
`U.S. Patent No. 6,226,677 (“Slemmer”)
`U.S. Patent No. 5,623,601 (“Vu”)
`U.S. Patent No. 6,636,894, parent of the challenged patent
`Petition for Inter Partes Review in Hospitality Core Servs.,
`LLC v. Nomadix, Inc., IPR2016-00077
`U.S. Application No. 60/109,878 (“Slemmer Provisional)
`Claim chart comparing Slemmer to Slemmer Provisional
`U.S. Patent No. 6,389,462 (“Cohen”)
`U.S. Patent No. 6,182,139 (“Brendel”)
`Chatel, M., Classical versus Transparent IP Proxies, Network
`Working Group Paper (March, 1996) (RFC 1919) Internet
`Engineering Task Force (“IETF”), Excerpts
`U.S. Patent No. 8,266,266 Prosecution History Excerpts
`
`v
`
`

`

`
`
`I.
`
`IPR2018-00376
`U.S. Patent No. 8,266,266
`
`INTRODUCTION
`Petitioner Guest Tek Interactive Entertainment Ltd. (“Guest-Tek”), hereby
`
`respectfully requests inter partes review (“IPR”), in accordance with 35 U.S.C. §
`
`311 and 37 CFR § 42.100, and cancellation of claims 1-28 of U.S. Patent No.
`
`8,266,266 (Ex. 1001 or “the ’266 patent”) owned by Patent Owner Nomadix, Inc.
`
`(“Nomadix”) (“Petition”).
`
`The Board has previously concluded that claims 1-28 of the ’266 patent are
`
`reasonably likely to be deemed unpatentable as obvious under pre-America Invents
`
`Act (“AIA”) 35 U.S.C. § 103(a). Hospitality Core Servs., LLC v. Nomadix, Inc.,
`
`IPR2016-00077, Decision Instituting Inter Partes Review, at 3 (Ex. 1002). The
`
`Hospitality Core proceeding was instituted in 2016 on a petition filed in 2015 by a
`
`non-party to the instant Petition, and the proceeding was terminated by agreement
`
`of the parties before any further substantive action was undertaken therein. The
`
`instant Petition is based on the same combination of prior art (i.e., U.S. Patent No.
`
`6,226,677, issued on May 1, 2001 to Slemmer (Ex. 1003 or “Slemmer”) in view of
`
`U.S. Patent No. 5,623,601, issued on April 22, 1997 to Vu (Ex. 1004 or “Vu”), and
`
`the same obviousness arguments previously presented to the Board in Hospitality
`
`Core, and accordingly, the instant Petition should be granted for the same reasons
`
`as it was in Hospitality Core.
`
`1
`
`

`

`
`
`IPR2018-00376
`U.S. Patent No. 8,266,266
`
`The alleged invention of the ’266 patent is “the transparent redirection of
`
`[internet] users to a portal page, and, in certain circumstances from the portal page,
`
`to a login page where users subscribe for network access.” (Ex. 1001, col. 8 ll. 57-
`
`60.) An “advantage” of this transparent redirection, according to the ’266 patent,
`
`“is that a user can obtain access to networks or online services without installing
`
`any software onto the user’s computer.” (Id., col. 8 ll. 57-62.) But “transparent
`
`redirection” and its advantages existed in the prior art well over a year before the
`
`effective filing date of the ’266 patent. Slemmer, for instance, explicitly discloses
`
`all elements of all ’266 patent claims, but does not explicitly disclose the ‘266
`
`patent’s claimed “handshake,” by which a gateway responds to the user’s computer
`
`as if it were the machine to which the user requested access. But the claimed
`
`“handshake” is also old and well known, as demonstrated, for example, by Vu.
`
`As in Hospitality Core, the ’266 patent claims would have been obvious to a
`
`person of ordinary skill in the art and, the Board should therefore grant this
`
`Petition.
`
`
`
`
`
`
`
`
`
`2
`
`

`

`
`
`IPR2018-00376
`U.S. Patent No. 8,266,266
`
`II. MANDATORY NOTICES UNDER 37 C.F.R. § 42.8
`A. Real Party-in-Interest [37 C.F.R. § 42.8(b)(1)]
`Guest-Tek Interactive Entertainment Ltd. is the real party-in-interest.
`
`
`
`B. Related Matters [37 C.F.R. § 42.8(b)(2)]
`The ‘266 patent, among others, is presently the subject of a breach of
`
`contract lawsuit (based on an alleged breach of a patent license) brought by
`
`Nomadix against Guest-Tek. Nomadix, Inc. v. Guest-Tek Interactive Entertainment
`
`Ltd., Case No. 2:16-CV-08033-AB-FFM (Central District of California) (“the
`
`Litigation”).
`
`
`
`
`
`C. Lead and Backup Counsel; Service Information [37 C.F.R. §§
`42.8(b)(3)-(4)]
`Guest-Tek’s lead counsel is:
`
`Michael J. Swope (Reg. No. 38,041)
`Baker & Hostetler LLP
`999 Third Avenue
`Seattle, WA 98104-4040
`T (206) 332-1380
`F (206) 624-7317
`mswope@bakerlaw.com
`
`Guest-Tek’s backup counsel is:
`
`
`
`
`
`
`Steven J. Rocci (Reg. No. 30,489)
`Baker & Hostetler LLP
`Cira Centre, 12th Floor
`Philadelphia, PA 19104-2891
`3
`
`

`

`IPR2018-00376
`U.S. Patent No. 8,266,266
`
`
`
`
`
`
`
`
`
`T (215) 568-3100
`F (215) 568-3439
`srocci@bakerlaw.com
`
`Please direct all correspondence about this petition to lead counsel. Guest-
`
`Tek also consents to email service at Guest-TekIPR@bakerlaw.com.
`
`III. REQUIREMENTS UNDER 37 C.F.R. §§ 42.103 and 42.104
`A.
`Payment of Fees [37 C.F.R. § 42.103]
`Guest-Tek authorizes the USPTO to charge Deposit Account No. 233050 for
`
`all fees associated with this petition, including but not limited to all fees set forth in
`
`37 C.F.R. § 42.15(a).
`
`B. Grounds for Standing [37 C.F.R. § 42.104(a)]
`Guest-Tek certifies that the ’266 patent is available for inter partes review
`
`and that Guest-Tek is not barred or estopped from requesting inter partes review of
`
`any claim of the ’266 patent under 35 U.S.C. §§ 315(a)-(b) or 37 C.F.R. §§ 42.101
`
`– 42.103. Guest-Tek has not been served with a complaint alleging infringement of
`
`the ‘266 patent, nor have allegations of patent infringement been asserted against
`
`Guest-Tek in the Litigation. Guest-Tek has asserted invalidity of the ‘266 patent
`
`as an affirmative defense in the Litigation, but it has not filed a civil action
`
`challenging the validity of any claim of the ’266 patent.
`
`
`
`4
`
`

`

`
`
`IPR2018-00376
`U.S. Patent No. 8,266,266
`
`IV. RELIEF REQUESTED [37 C.F.R. § 42.22(a)]
`Guest-Tek requests inter partes review and cancellation of claims 1-28 of
`
`the ’266 patent. Under pre-AIA 35 U.S.C. § 103(a), all of the claims would have
`
`been unpatentable as obvious to a person of ordinary skill in the art over Slemmer
`
`in view of Vu.
`
`V. THE ’266 PATENT
`The ’266 patent purports to describe systems and methods for “selectably
`
`controlling and customizing [user] access to a [computer] network.” (See Ex. 1001,
`
`Abstract, col. 15 ll. 59-61.) The user is said to be “associated with a source
`
`computer” which “has transparent access to the network via a gateway device”—
`
`that is, the source computer needs “no configuration software [to] be installed . . .
`
`to access the network.” (Id., Abstract.)
`
`If a hotel guest tries to access a web page, for example, the gateway may
`
`redirect the guest to a portal page for buying internet access:
`
`5
`
`

`

`
`
`IPR2018-00376
`U.S. Patent No. 8,266,266
`
`
`
`Hospitality Core (Exhibit 1002 at 3.)
`
`The following block diagram from the ’266 patent purports to illustrate how
`
`the system 10 allows computers 14 to access online services and networks 22:
`
`
`
`6
`
`

`

`
`
`IPR2018-00376
`U.S. Patent No. 8,266,266
`
`(Ex. 1001, Fig. 1.) An access controller 16 connects the computers to a gateway
`
`device 12. (Id., col. 15 ll. 24-28.) When the user’s request reaches the gateway
`
`device, a “well known” dynamic host configuration protocol (“DHCP”) server 24
`
`assigns an “EP address” to the user’s computer and an authentication,
`
`authorization, and accounting (“AAA”) server 30 authenticates and authorizes user
`
`access to the online service or network. (See id., col. 15 ll. 38-42, col. 23 ll. 24-31.)
`
`Then, a router 18 establishes a link to the online service or network. (Id., col. 15 ll.
`
`52-55.)
`
`The ’266 patent contains 3 independent claims and 25 dependent claims.
`
`Independent claim 1 recites a method, including the steps of [a] receiving from the
`
`user a request to open a transmission control protocol (“TCP”) connection with an
`
`external server, [b] sending to the user “handshake completion data” that appears
`
`to be from the external server without communicating with the external server, [c]
`
`receiving from the user an HTTP server request for access to the external server,
`
`and [d] generating and [e] sending to the user “response data” including “alternate
`
`content” that appears to be from the external server:
`
`1. A method of redirecting a session directed to an HTTP server
`to a redirected destination HTTP server, the method comprising the
`steps of:
`
`
`7
`
`

`

`
`
`IPR2018-00376
`U.S. Patent No. 8,266,266
`
`[a] receiving, at a communications port of a network system, a
`request from a user device to open a TCP connection with a server
`located external to the network system;
`
`[b] sending, from the network system, TCP connection
`handshake completion data to the user device in response to the
`request to open the TCP connection, the handshake completion data
`being configured to appear to be from the server located external to
`the network system, wherein
`the network system need not
`communicate with the server located external to the network system;
`
`[c] receiving, at the communications port of the network
`system, an HTTP server request for access to the server located
`external to the network system, the HTTP server request originating
`from the user device; and
`
`[d] generating response data customized for the HTTP server
`request, the response data including alternate content different from
`content requested by the HTTP server request, wherein the response
`data is customized for the HTTP server request at least in part by
`appearing to be from the server located external to the network
`system, wherein the response data appears to be from the server
`located external to the network system at least in part by including, in
`a header of the response data, a source address corresponding to the
`server located external to the network system; and
`
`
`8
`
`

`

`
`
`IPR2018-00376
`U.S. Patent No. 8,266,266
`
`[e] sending, from the network system, a response to the HTTP
`server request, the response configured to cause the user device to
`receive the alternate content, the response comprising the generated
`response data customized for the HTTP server request.
`
`(Ex. 1001, col. 38 ll. 4-36) (bracketed lettering added). In Hospitality CoreError!
`
`Bookmark not defined., the Board deemed this claim “illustrative” of the other 27
`
`claims. (Ex. 1002 at 4-5.)
`
`
`
`Independent claim 11 is a system claim that mimics method claim 1. It
`
`recites a system that: [a] contains a processor and a communications port
`
`configured to communicate on a network, [b] is configured to send to the user
`
`“handshake completion data” that appears to be from an external device without
`
`needing to communicate with the external server, [c] is configured to process an
`
`access request from the user, [d] includes a “redirection data generation module”
`
`configured to generate and [f] to send to the user “response data” including
`
`“alternate content” that [e] appears to be from the external device:
`
`11. A system for transmitting alternate content to a user device
`attempting to communicate through a network, comprising:
`
`
`
`[a] a network access management system including at least one
`processor and at least one communications port configured to
`communicate on a network;
`
`9
`
`

`

`
`
`IPR2018-00376
`U.S. Patent No. 8,266,266
`
`
`[b] the network access management system configured to send
`connection handshake completion data to a user device in response to
`a connection request from the user device directed to a first device
`that is external to the network access management system, the
`connection handshake completion data configured to appear to be
`from the first device, wherein the network access management system
`need not communicate with the first device;
`
`[c] the network access management system further configured
`to process an incoming request for access to the first device;
`
`[d] the network access management system further including a
`redirection data generation module configured to generate response
`data customized for the incoming request for access to the first device,
`the response data including alternate content different from content
`requested by the incoming request;
`
`[e] the redirection data generation module configured to
`generate the response data to appear to be from the first device,
`wherein the response data appears to be from the first device at least
`in part by including a source address corresponding to the first device
`in a header of the response data; and
`
`
`10
`
`

`

`
`
`IPR2018-00376
`U.S. Patent No. 8,266,266
`
`[f] the network access management system further configured
`to send a response to the incoming request for access to the first
`device, the response comprising the generated response data.
`(Ex. 1001, col. 39 ll. 14-47) (lettering added). Twelve dependent claims follow.
`
`Independent claim 24 is a system claim that mimics independent system
`
`claim 11:
`
`24. A network management system, configured to cause a user
`device to receive alternate content different from what was requested
`by the user device, the user device being connected to the network
`management system, the system comprising:
`
` a
`
` communications port configured to receive incoming data
`from the user device relating to accessing a first network location
`external to the network management system; and
`
` a
`
` processor configured to complete a connection handshake
`with the user device while appearing to be the first network location,
`the connection handshake being completed in response to the
`incoming data and without the need to communicate with the first
`network location;
`
`the processor further configured to generate response data
`customized for the user device, the response data including alternate
`content different from content to be accessed at the first network
`location, wherein the response data is customized for the user device
`11
`
`

`

`
`
`IPR2018-00376
`U.S. Patent No. 8,266,266
`
`at least in part by appearing to be from the first network location,
`wherein the response data appears to be from the first network
`location at least in part by including a source address corresponding to
`the first network location in a header of the response data;
`
`the processor further configured to send to the user device the
`generated response data including the alternate content.
`
`(Ex. 1001, col. 40, ll. 18-44.) Four dependent claims follow.
`
`VI. CLAIM CONSTRUCTION
`Claims 1, 11, and 24 use the term “redirection data generation module,”
`
`which, like all claim terms of the ’266 patent, must be given its broadest
`
`reasonable interpretation. 37 C.F.R. § 42.100(b). Here, the Board should adopt its
`
`prior construction from Hospitality Core:
`
`We preliminarily construe “redirection data generation module” to be
`hardware and/or software for carrying out functions attributable to the
`“redirection data generation module” as set forth in the claims. We do not
`regard “redirection data generation module” as excluding a “software proxy
`running on a gateway” if it is established that a “software proxy running on a
`gateway” carries out the functions required by the claims.
`(Ex. 1002 at 7-8.)
`
`This construction comports with Nomadix’s own reading of U.S. Patent No.
`
`6,636,894 (“the ’894 patent,” Ex. 1005), of which the ’266 patent is a continuation
`
`12
`
`

`

`
`
`IPR2018-00376
`U.S. Patent No. 8,266,266
`
`of a continuation-in-part.1 (Ex. 1001, Related U.S. Application Data.) Even after
`
`the USPTO denied a petition for inter partes reexamination of the ’894 patent,
`
`Nomadix filed a response to “certain statements made in the Decision on Petition
`
`[that] were [ostensibly] incorrect.” (Ex. 1006 at 69.) One purported correction
`
`broadly construed “redirection server” such that “the gateway itself can act as the
`
`redirection server, in addition to external or internal components, which can
`
`provide the redirection functionality.” (Id. at 70.) Nomadix identified two portions
`
`of the ’894 patent that allegedly supported its correction:
`
`“‘The redirection is accomplished by a Home Page Redirect (HPR)
`performed by the gateway device, a AAA server, or by a portal page
`redirect unit located internal to or external to the gateway device.’”
`(Id.) (quoting Ex. 1005, col. 9 ll. 5-8).
`
`“The gateway device ‘typically includes a controller and a memory
`device in which software is stored that defines the operational
`
`
`
` 
`
`
`
`
`
`1 On June 30, 2015, Nomadix filed terminal disclaimers in the ’266 patent based on
`
`the ’894 patent and other related patents. (Ex. 1012 at 348-49.) Accordingly, by
`
`Nomadix’s own admission, the ‘266 patent claims are not patentably distinct from
`
`at least the ‘894 patent.
`
`13
`
`

`

`
`
`IPR2018-00376
`U.S. Patent No. 8,266,266
`
`characteristics of the gateway device . . . .’” (Id.) (quoting Ex. 1005,
`col. 6 ll. 34-37).
`
`These same quotations appear in the ’266 patent. (See Ex. 1001, col. 22 ll. 45-48,
`
`col. 33 ll. 41-44.)
`
`
`
`This reading also comports with the determination in Hospitality Core that
`
`the ’266 patent specification contains “no explicit definition” of “redirection data
`
`generation module,” but rather “describes several ways that redirection can be
`
`carried out” and “seizes upon the phrase ‘redirection data generation module’ as a
`
`handle to describe a certain bundle of functions to be performed as set forth in the
`
`claims.” (Ex. 1002 at 7.) The Board should reach the same conclusion here.
`
`VII. PERSON OF ORDINARY SKILL IN THE ART
`As stated in the Hospitality Core petition, a person of ordinary skill in the art
`
`(“POSITA”) of systems and methods for redirecting users having transparent
`
`computer access to a network using a gateway device having redirection capability,
`
`at the time of the alleged invention, as recited in the claims of the ’266 patent,
`
`would have had a vocational or university degree in computer science, proficiency
`
`in programming and support of network devices, and at least 5 years of
`
`programming experience in the area. (Ex. 1006 at 34; Ex. 1002, granting petition
`
`without altering the POSITA definition.)
`14
`
`

`

`
`
`IPR2018-00376
`U.S. Patent No. 8,266,266
`
`VIII. PRIOR ART
`
`Because the ʼ266 patent application was filed before the effective date of the
`
`AIA, pre-AIA §§ 102 and 103 apply. (See Ex. 1001.) Slemmer was filed before
`
`(but published after) the effective filing date of the ’266 patent, so it is prior art
`
`under pre-AIA 35 U.S.C. § 102(e). (See Ex. 1003.) In fact, although Slemmer was
`
`filed in January 1999, it is entitled under 35 U.S.C. § 119(e) to the priority date of
`
`November 25, 1998 based on U.S. Provisional Patent App. No. 60/109,878 (Ex.
`
`1007; Ex. 1008, claim chart comparing Slemmer provisional application to
`
`Slemmer issued patent.) And because Vu issued more than a year before the
`
`effective filing date of the ’266 patent, it is prior art under pre-AIA 35 U.S.C. §
`
`102(b). (See Ex. 1004.)
`
`A.
`
`Slemmer (U.S. Patent No. 6,226,677)
`
`
`
`As stated in Hospitality Core, Slemmer discloses all claim elements of the
`
`’266 patent except for “the required ‘handshake.’” (Ex. 1002 at 12.) Slemmer
`
`describes “controlled communications over a global computer network” (Ex. 1003,
`
`Title) as illustrated below:
`
`15
`
`

`

`
`
`IPR2018-00376
`U.S. Patent No. 8,266,266
`
`(Id. at Fig. 1.)
`
`
`
`As noted in Hospitality Core:
`
`
`
` In the above figure, system 100 includes user machines 120 that are
`
`part of an intranet 110 isolated from internet 140 by a firewall. (Ex.
`
`1002 at 9.) The firewall may be implemented on a forced proxy server
`
`130, which handles signal traffic to and from the user machines. (Id.)
`
`The output side of the proxy server includes ports that communicate
`
`with the internet. (Id.) (citing Ex. 1003, col. 3 l. 65 – col. 4 l. 2).
`
` The specification describes controlling communication of a
`
`transmission control protocol (“TCP”) packet from a user machine.
`
`(Id.) During a browser request, a TCP packet travels from the user
`
`machine to the forced proxy server. (Id.) The TCP packet includes a
`
`16
`
`

`

`
`
`IPR2018-00376
`U.S. Patent No. 8,266,266
`
`field holding a first destination IP address. (Id.) If the packet is
`
`intended to be transmitted over the Internet, its port designation is
`
`“80.” Id. (citing Ex. 1003, col. 4 ll. 19-31).
`
` The forced proxy server analyzes the packet. (Id.) If the packet has a
`
`port designation of “80,” has a first destination IP address, and does
`
`not correspond to a “sandboxed” (directly accessible by the user)
`
`domain, then the packet is delivered to a different port and the
`
`destination address is changed to a predetermined second destination
`
`IP address, rerouting the TCP packet to another IP address on the
`
`internet. (Id.) The rerouted IP address provides content to the user
`
`machine, and at least a majority of that content is different from that
`
`expected to be obtained by the user machine. (Id.) (citing Ex. 1003,
`
`col. 4 ll. 31-50).
`
` On the forced proxy server, a software control program communicates
`
`with the software port to which the packet is redirected. (Id.) (citing
`
`Ex. 1003, col. 4 ll. 40-42). This software port responds to the user
`
`machine request as if it were the internet web server to which the
`
`request was originally directed. (Id.) (citing Ex. 1003, col. 4 ll. 42-44).
`
`The proxy server program or control program takes control of the web
`
`17
`
`

`

`
`
`IPR2018-00376
`U.S. Patent No. 8,266,266
`
`request by either fulfilling the actual request from the user machine or
`
`implementing other predetermined steps, such as providing
`
`information to the user machine from one or more particular web
`
`pages of a website different from the user machine’s requested site.
`
`(Id. at 9-10) (citing Ex. 1003, col. 4 ll. 40-51).
`
` The web pages to be directed to the particular user machine can be
`
`identified based on a number of factors including: the input to the user
`
`machine by the user or operator of that machine and provided to the
`
`browser on the user machine; the Internet or media access control
`
`(“MAC”) address associated with the particular user machine; and
`
`other factors such as whether or not the internet is capable of allowing
`
`a particular user machine to freely access the internet as if the proxy
`
`server were not interposed between the particular user machine and
`
`the internet. (Id. at 10) (citing Ex. 1003, col. 4 ll. 51-63).
`
`
`
`In practice, Slemmer’s redirection may automatically occur after a user, such
`
`as a hotel guest, plugs in his laptop and runs his browser:
`
`[A] user plugs in his laptop and runs his browser . . . . The user’s
`default web page is a first URL home.browserid.com/Index.htm. The
`user’s laptop . . . attempts to connect to port 80 of
`home.browserid.com . . . . The server 130 redirects this request to the
`
`18
`
`

`

`
`
`IPR2018-00376
`U.S. Patent No. 8,266,266
`
`forced proxying or control program. The control program determines
`that this is the first time it has seen this user machine 120. The control
`program returns a HTTP redirect message sending the user machine
`120 to a second URL at www.login.com.
`
`
`(Ex 1003, col. 6 ll. 58-67) (accord Ex. 1007 at 6-7).
`
`B. Vu (U.S. Patent No. 5,623,601)
`As noted in Hospitality Core, Vu discloses the “handshake” not explicitly
`
`disclosed in Slemmer (Ex. 1002 at 13-16.) Vu describes providing a secure
`
`gateway for communication and data exchanges between networks. (Ex. 1004,
`
`Title.) And it describes a transparent proxy with a handshake as part of a gateway
`
`authentication procedure:
`
`When the gateway station 14 receives the client packet containing the
`Telnet command, a process is initiated on the gateway station 14
`which responds to the client 16 to establish a communication session
`17 as if it were the target machine. As will be explained below in
`detail, the process then authenticates the client's authorization to
`access the requested service.
`
`
`(Ex. 1004, col. 8 ll. 50-56) (emphasis added). In this process, the message packet
`
`received from the user’s machine is intercepted and redirected to an internal proxy
`
`process running on a local port of the gateway:
`
`19
`
`

`

`
`
`IPR2018-00376
`U.S. Patent No. 8,266,266
`
`If it is determined that a proxy process 15 is bound to a port which can
`serve the destination port number 38 in either of steps 70 or 72, a
`session (TCP or UDP) is initiated with the packet source IP address in
`32 in step 76 and in step 78, the packet is delivered by the [operating
`system] kernel to the proxy process designated in steps 70, 72.
`
`(Id., col. 10 ll. 14-19) (emphasis added). “This critical modification of the
`
`operating system kernel,” according to Vu, “permits the kernel, within the
`
`permission boundaries imposed by a systems administrator, to ‘listen’ to all 64K
`
`ports available for communication.” (Id., col. 10 ll. 19-22.)
`
`IX. CLAIMS 1-28 ARE OBVIOUS OVER SLEMMER IN VIEW OF VU
`
`The Board should again find “a reasonable likelihood” that “claims 1-28 of
`
`the ’266 patent are unpatentable as obvious under pre-AIA 35 U.S.C. § 103(a) over
`
`Slemmer and Vu.” (Ex. 1002 at 15-16.) Slemmer discloses all elements of the ’266
`
`patent’s independent and dependent claims, with the exception of its “handshake.”
`
`And Vu discloses the handshake.
`
`
`
`
`
`
`
`
`
`20
`
`

`

`IPR2018-00376
`U.S. Patent No. 8,266,266
`
`A.
`
`Slemmer Discloses All Non-Handshake Elements of the ’266
`Patent’s Independent Claims, Including Their “Response Data”
`Limitations.
`As the Board previously held, Slemmer discloses the “response data”
`
`
`
`
`
`limitations of independent claims 1, 11, and 24 of the ’266 patent “as part of the
`
`software responding to requests as if they were the web server.” (Ex. 1002 at 13-
`
`14.) As the Slemmer specification teaches:
`
`A software control program running on the server 130 is in communication
`with that software port to which the packet is redirected. This software port
`responds to requests as if they were the web server on the Internet 140. This
`proxy server program or control program assumes control of the web request
`by fulfilling the actual request from the user machine 120 or implementing
`other predetermined steps.
`
`(Ex. 1003, col. 4 ll. 40-47.)
`
`
`
`The “Forced Proxy Server 130” of Slemmer corresponds to the ’266 patent’s
`
`“network system” (claim 1), “network management system” (claim 11), and
`
`“network management system” (claim 24):
`
`21
`
`

`

`
`
`IPR2018-00376
`U.S. Patent No. 8,266,266
`
`(Ex. 1002 at 8.)
`
`
`
`And Slemmer’s “software control program” response corresponds to the
`
`“response data” described in claims 1, 11, and 24 of the ’266 patent:
`
`
`
`Claim 1: “[G]enerating response data customized for the HTTP server
`request, the response data including alternate content different from content
`requested by the HTTP server request, wherein the response data is
`customized for the HTTP server request at least in part by appearing to be
`from the server located external to the network system, wherein the response
`data appears to be from the server located external to the network system at
`least in part by including, in a header of the response data, a source address
`corresponding to the server located external to the network system; and
`sending, from the network system, a response to the HTTP server request,
`the response configured to cause the user device to receive the alternate
`content, the response comprising the generated response data customized for
`the HTTP server request.”
`
`22
`
`

`

`
`
`IPR2018-00376
`U.S. Patent No. 8,266,266
`
`Claim 11: “[T]he network access management system further including a
`redirection data generation module configured to generate response data
`customized for the incoming request for access to the first device, the
`response data including alternate content different from content requested
`by the incoming request; the redirection data generation module configured
`to generate the response data to appear to be from the first device, wherein
`the response data appears to be from the first device at least in part by
`including a source address corresponding to the first device in a header of
`the response data; and the network access management system further
`configured to send a response to the incoming request for access to the first
`device, the response comprising the generated response data.”
`
`Claim 24: “[T]he processor further configured to generate response data
`customized for the user device, the response data including alternate content
`different from content to be accessed at the first network location, wherein
`the response data is customized for the user device at least in part by
`appearing to be from the first network location at least in part by including a
`source address corresponding to the first network location in a header of the
`response data; the processor